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DETAILED ACTION 

1 . The enclosed detailed action is in response to the Amendment submitted on January 24, 
2005. 



Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejectidtis under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-13, 15-21, 23-41, 43-57 and 60-66 are rejected under 35 U.S.C. 102(e) as being 
anticipated by O'Hare et al. (USPN: 6,484,173). 

Regarding claims 1, 6-7 and 12, O'Hare discloses in response to a non-media access request (a 
system call; C 1, L 34-35) by a first of the plurality of devices to a logical device at the shared 
resource for which the first device has no data access privileges (wherein data access privileges 
refers to read or write access) (C 10, L 13-14; C 4, L 31-36 - this condition occurs when access 
control of the system includes read and write operations, along with system calls [C 2, L 3-6] and 
when system calls ^ allowed and read/write operations are not allowed from the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), determining whether the first device is authorized to have non-media access to the logical 
device, based at least in part, on an identity of the first device (Figure 6, References 216->220- 
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>224->226->228->230->214; C 2, L 16-30; C 13, L 62-66; C 14, L 49-50) and authorizing the 
non-media access request when it is determined that the first device is authorized to have non- 
media access to the logical device (C 2, 25-30; C 14, L 19-22). 

Regarding claims 2-3 and 16, O'Hare discloses denying the non-media access request when it is 
determined that the first device is not authorized to have non-media access to the logical device 
(C 13, L 57-61; this effectively ignores the request since the request is never processed or 
executed). 

Regarding claims 4 and 17-18, O'Hare discloses forwarding the non-media access request to the 
physical device corresponding to the logical device (Figure 1, References 34-36; Figure 3; 
Reference 36; requests are forwarded to the physical device via ports 34-36; C 7, L 31-39). 

Regarding claims 5, 24 and 32, O'Hare discloses system calls, which control configuration and 
operation of the storage system and thus such system intrinsically includes any requests which is 
related to configuring or operating the storage system and that includes an availability request (C 
6, L 30-32). 

Regarding claims 8 and 10, O'Hare discloses the elements of claim 1 performed by a filter 
(security module; C 14, L 22-32) that controls access to a plurality of logical devices (Figure 1, 
References 24-26) at the shared resource (Figure 1 , Reference 22) and further comprising 
maintaining in a data structure (matrix, Reference 100 in Figure 5) accessible to the filter 
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configuration information corresponding to the first device wherein the configuration 
information includes first configuration information identifying each of the plurality of logical 
devices (W, X, Y, Z) to which data access (access indicated by one of B, C and M which 
represents data access level) by the first device (one of requestors Q, R, S, T and V) is authorized 
and whether the non-media access (access indicated by one of B, C and M which represents the 
non-media access level) is authorized to each of the plurality of logical devices for which the 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claim 9, O'Hare discloses examining the configuration information corresponding to 
the first device to determine whether the first device is authorized to have non-media access to 
the logical device (C 13, L 54-61). 

Regarding claims 1 1 and 23, O'Hare discloses determining whether an access request by the first 
device is one of a data access request and a non-media access request (C 13, L 54-61). 

Regarding claims 13 and 21, O'Hare discloses the storage system performing the operations in 
claim 12 (Figure 3, Reference 22, 60; C 14, L 22-32). 

Regarding claims 15, 19-20 and 25-27, O'Hare discloses maintaining in a data structure (matrix, 
Reference 100 in Figure 5) accessible to the filter configuration information corresponding to the 
first device wherein the configuration information includes first configuration information 
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identifying each of the plurahty of logical devices (W, X, Y, Z) to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized (C 10, L 21-67; C 1 1, L 1-32); in response to a non- 
media access request (a system call) by a first of the plurality of devices to a logical device at the 
shared resource for which the first device has no data access privileges (wherein data access 
privileges refers to read or vmte access) (C 10, L 13-14; this condition occurs when access 
control of the system includes read and write operations and when read and write operation 
access types are not allowed for the first device to the logical device at the shared resource; each 
requesting device is allowed access to certain regions of the shared resource for certain access 
types, refer to C 10 - C 14; Figure 5 and Figure 6), determining whether the first device is 
authorized to have non-media access to the logical device and authorizing the non-media access 
request when it is determined that the first device is authorized to have non-media access to the 
logical device (Figure 6, References 202, 216, 220, 224, 226, 228, 230 and 214; C 12, L 57-65; C 
13, entire; C 14, L 1-21). 

Regarding claims 28, 33, 38-41, 48, 52 and 57, O'Hare an input to be coupled to the network, 
wherein the network couples the plurality of devices to the shared resource (Figure 3, Reference 
62; C 4, L 18-30); and at least one filter (Figure 3, Reference 64; C 14, L 22-32) coupled to the 
input (via Reference 62 in Figure 3) that is responsive to the non-media access request by a first 
of the plurality of devices to a logical device at a shared resource for which the first device has 
no data access privileges (wherein data access privileges refers to read or write access) (C 10, L 
13-14; this condition occurs when access control of the system includes read and write 
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operations and when read and write operation access types are not allowed for the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), to determine whether the first device is authorized to have non-media access to the logical 
device and to authorize the non-media access request when it is determined that the first device is 
authorized to have non-media access to the logical device (Figure 6, References 202, 216, 220, 
224, 226, 228, 230 and 214; C 12, L 57-65; C 13, entire; C 14, L 1-21). 

Regarding claim 29, 31, 49 and 51, O'Hare discloses the filter denying the non-media access 
request when it is determined that the first device is not authorized to have non-media access to 
the logical device (C 13, L 57-61; this effectively ignores the request since the request is never 
processed or executed). 

Regarding claims 30 and 50, O'Hare discloses a plurality of storage devices (C 5, L 64-67) 
coupled to the at least one filter, and wherein when it is determined that the first device is 
authorized to have non-media access to the logical device, the at least one filter forwards the 
non-media access request to a storage device corresponding to the logical device (C 7, L 48-67; 
C 8, L 1-24). 

Regarding claims 34, 36, 48 and 53-54, O'Hare discloses data structure (matrix. Reference 100 
in Figure 5), accessible to the at least one filter, that stores configuration information 
corresponding to the first device that includes first configuration information identifying each of 
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a plurality of logical devices (W, X, Y, Z) at the shared resource to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized and second configuration information identifying 
whether non-media access (access indicated by one of B, C and M which represents the non- 
media access level) is authorized to each of the plurality of logical devices for which the first 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claims 35 and 55, O'Hare disclose the at least one filter examining the second 
configuration information corresponding to the first device to determine whether the first device 
is authorized to have non-media access to the logical device (C 13, L 54-61). 

Regarding claims 37 and 56, O'Hare discloses examining the access request to determine 
whether the access request is one of a data access request and a non-media access request (C 13, 
L 54-61 - determining access request type). 

Regarding claims 28, 33, 38-41, 48, 52 and 57, O'Hare an input to be coupled to the network, 
wherein the network couples the plurality of devices to the shared resource (Figure 3, Reference 
62; C 4, L 18-30); and at least one fiher (Figure 3, Reference 64; C 14, L 22-32) coupled to the 
input (via Reference 62 in Figure 3) that is responsive to the a non-media access request by a 
first of the plurality of devices to a logical device at a shared resource for which the first device 
has no data access privileges (wherein data access privileges refers to read or write access) (C 
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10, L 13-14; this condition occurs when access control of the system includes read and write 
operations and when read and write operation access types are not allowed for the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), to determine whether the first device is authorized to have non-media access to the logical 
device and to authorize the non-media access request when it is determined that the first device is 
authorized to have non-media access to the logical device (Figure 6, References 202, 216, 220, 
224, 226, 228, 230 and 214; C 12, L 57-65; C 13, entire; C 14, L 1-21). 

Regarding claim 29, 31, 49 and 51, O'Hare discloses the filter denying the non-media access 
request when it is determined that the first device is not authorized to have non-media access to 
the logical device (C 13, L 57-61; this effectively ignores the request since the request is never 
processed or executed). 

Regarding claims 30 and 50, O'Hare discloses a plurality of storage devices (C 5, L 64-67) 
coupled to the at least one filter, and wherein when it is determined that the first device is 
authorized to have non-media access to the logical device, the at least one filter forwards the 
non-media access request to a storage device corresponding to the logical device (C 7, L 48-67; 
C 8, L 1-24). 

Regarding claims 34, 36, 48 and 53-54, O'Hare discloses data structure (matrix, Reference 100 
in Figure 5), accessible to the at least one filter, that stores configuration information 
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corresponding to the first device that includes first configuration information identifying each of 
a plurality of logical devices (W, X, Z) at the shared resource to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized and second configuration information identifying 
whether non-media access (access indicated by one of B, C and M which represents the non- 
media access level) is authorized to each of the plurality of logical devices for which the first 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claims 35 and 55, O'Hare discloses the at least one filter examining the second 
configuration information corresponding to the first device to determine whether the first device 
is authorized to have non-media access to the logical device (C 13, L 54-61). 

Regarding claims 37 and 56, O'Hare discloses examining the access request to determine 
whether the access request is one of a data access request and a non-media access request (C 13, 
L 54-61 - determining access request type). 

Regarding claims 43-47, O'Hare discloses a computer readable medium (C 18, L 36-60) 
comprising a data structure relating to access management by a plurality of network devices to 
data stored on a plurality of logical devices of a shared resource, the data structure including a 
plurality of records each corresponding to one of the plurality of network devices, a first record 
of the plurality of records corresponding to a first of the plurality of network devices and 
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including configuration information identifying each logical device of the plurality of logical 
devices to which data access by the first network device is authorized to have non-media access 
to a first logical device of the plurality of logical devices when the configuration information 
corresponding to the first network device identifies that no data access to the first logical device 
fi-om the first network device is authorized (Figure 5, C 10, L 28-67; C 1 1, entire; C 12, L 1-33). 

Regarding claims 60-66, O'Hare discloses a plurality of storage devices that store a plurality of 
logical volumes of data (C 5, L 64-67); a data structure to store configuration information 
identifying whether a first network device of a plurality of network devices [C 4, L 18-30 - when 
the devices are coupled to the storage via a network, the devices are network devices] that are 
coupled to the storage system is authorized to access data on a first logical volume of the 
plurality of logical volumes (Figure 5, Reference 100; C 21-67 ; C 1 1, L 1-32); and a filter, 
responsive to the configuration information stored in the data structure, to selectively forward 
non-media access requests fi-om the first network device to the first logical volume when the 
configuration information identifies that no data access to the first logical volume fi'om the first 
network device is authorized (Figure 3, Reference 64; C 14, L 22-32; Figure 6; C 12, L 57-67; C 
13, entire; C 14, L 1-21). 

Allowable Subject Matter 
4. Claims 14, 22, 42 and 58-59 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 
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Response to Arguments 
5. Applicant's arguments filed have been fully considered but they are not persuasive. 
Each host requestor in the system is allowed certain types of accesses [read and write or system 
calls] to certain regions of memory [refer to C 4, L 35-36], wherein the allowed access types is 
associated with the host via the host ID in the matrix in Figure 5 [refer to C 2, L 16-30, C 4, L 
3 1-36; C 13, L 62-66, C 14, L 49-50]. Therefore a requestor may NOT have read and write 
access but MAY HAVE system call access to a particular region of the storage. In the above 
rejection, claim 1 for example, is rejected based upon this scenario, the relevant language states 
"..for which the first device has no data access privileges (wherein data access privileges refers 
to read or write access) (C 10, L 13-14; C 4, L 31-36 - this condition occxirs when access control 
of the system includes read and write operations, along with system calls [C 2, L 3-6] and when 
system calls dXQ allowed and read/write operations are not allowed fi"om the first device to the 
logical device at the shared resource; each requesting device is allowed access to certain regions 
of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 6). 
Thus O'Hare does teach authorizing a non-media access request to a logical device fi'om a device 
that lacks data access privileges. 

Additionally, a system call does not perform read and write operations [refer to C 1, L 34-35], as 
admitted by the Applicant in the After Final Amendment submitted on May 27, 2004 entered in 
the record via the RCE submitted on July 27, 2004, "Applicants mistakenly characterized the 
system calls of O'Hare as performing both administrative operations and data accesses (i.e., read 
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and write operations). For this reason, Applicants argued that a system call does not meet the 
definition of Applicants* claimed non-media access request. Upon reconsideration in preparing 
this response, the undersigned now believes that O'Hare does not disclose system calls that 
directly read and write data, but rather only those that perform administrative-like operations 
(O'Hare, col. 1, lines 29-36). Thus, Applicants withdraw any assertion that the system calls of 
O'Hare perform read and write operations..". 

The system call may instruct the host to perform an activity that requires the host to perform a 
SUBSEQUENT read and write operation. 

Conclusion 

6. Any inquiry conceming this communication or earlier communications fi"om the 
examiner should be directed to Kimberly N. McLean-Mayo whose telephone number is 703-308- 
9592. The examiner can normally be reached on Tues, Thr, Fri (10:00 - 6:30). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Donald Sparks can be reached on 703-308-1756. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-2 17-9L97 (toll-free). 
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